Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clarify the maximum value of room power levels #5

Open
digitalentity opened this issue Feb 13, 2022 · 5 comments
Open

Clarify the maximum value of room power levels #5

digitalentity opened this issue Feb 13, 2022 · 5 comments
Labels
clarification An area where the expected behaviour is understood, but the spec could do with being more explicit

Comments

@digitalentity
Copy link

Link to problem area:
https://spec.matrix.org/v1.2/client-server-api/#mroompower_levels

Issue
The spec doesn't specify the maximum possible power level. The room creator power level is specified as 100, but the documentation doesn't say if a higher value is allowed (i.e. set by automation to disallow certain actions even for room creator/admin).

This is used by https://github.com/digitalentity/matrix_encryption_disabler and fhirfactory/pegacorn-communicate-roomserver#7 to disable the room encryption for certain use-cases, but since it's not documented in the spec it might be considered unsafe.

Fix
Document the valid rande for room power level. The reasonable could be i.e. [0; 255] to match the uint8 type (which would also fit into a single byte for bandwidth-efficient binary encoding and transport protocols if necessary).

@digitalentity digitalentity added the clarification An area where the expected behaviour is understood, but the spec could do with being more explicit label Feb 13, 2022
@turt2live
Copy link
Member

fwiw, the maximum power level is defined by the maximum allowable integer by canonical json

@digitalentity
Copy link
Author

That's correct, but we should probably explicitly specify that it's safe and allowed to use levels higher than 100 to make sure certain server implementations don't cap the power level to that value.

@richvdh richvdh transferred this issue from matrix-org/matrix-spec-proposals Mar 1, 2022
@dkasak
Copy link
Member

dkasak commented Mar 30, 2022

While we're at it, we should also be more explicit about the minimum power level.

@DMRobertson
Copy link
Contributor

Related: #853

@richvdh
Copy link
Member

richvdh commented Mar 31, 2023

fwiw, the maximum power level is defined by the maximum allowable integer by canonical json

I spent a while yesterday scratching my head about how this was possible given the auth rules, so to write it down: the first m.room.power_levels event can assign any power level to any user.

Referencing the auth rules in https://spec.matrix.org/v1.6/rooms/v10/#authorization-rules: normally, this is restricted by some combination of 9.8.1 and 9.9.1, which stop the sending user elevating another user's power level above their own, or elevating their own power level above its current value. However, those rules don't apply for the first PL event in the room, thanks to rule 9.4 ("If there is no previous m.room.power_levels event in the room, allow.")

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
clarification An area where the expected behaviour is understood, but the spec could do with being more explicit
Projects
None yet
Development

No branches or pull requests

5 participants